<?php
// +----------------------------------------------------------------------
// | API接口安全配置
// +----------------------------------------------------------------------
// | 有条件童鞋的可以在服务器防火墙层面开启接口安全验证，相应的配置代码可以删除，以降低DDOS压力.
// +----------------------------------------------------------------------
return [
    //请求协议必须是https
    'is_ssl'   => false,
    //验证请求为ajax请求
    'is_ajax'  => true,
    //允许的请求方法
    'ajax_method' => ['get','post','put','delete','option'],
    //开启ip或域名白名单验证
    'is_whitelist'  => true,
    //白名单地址
    'whitelist'     => ['127.0.0.1','localhost','localhost.hjlmall.com'],
    //开启ip或域名黑名单验证
    'is_blacklist'  => false,
    //黑名单地址
    'blacklist'     => [],
    //开启频繁请求验证
    'is_frequently' => false,
    //频繁请求阈值[频繁请求的秒数,频繁请求秒数内的最大访问次数]
    'frequency'    => [10,50],
    //开启设备验证
    'is_device'   => false,
    'device'     => ['mobile','pc'],
    //开启终端验证
    'is_terminal'   => false,
    'terminal'     => ['weixin','qq','baidu','uc']
];
